﻿using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Linq;
using System.Text;
using System.Windows.Forms;
using System.Data.SqlClient;

namespace 登陆界面
{
    public partial class Form1 : Form
    {
        public Form1()
        {
            InitializeComponent();
        }

        public void IncreaseErrorTime(string userName)
        {
            string conStr = @"Data Source =.; Initial Catalog = Mydb_1;User Id = sa;Password =;";

            using (SqlConnection conn = new SqlConnection(conStr))
            {
                conn.Open();
                using (SqlCommand cmd = conn.CreateCommand())
                {
                    cmd.CommandText = "update T_users set ErrorTimes = ErrorTimes+1 where Username = @un";
                    cmd.Parameters.Add(new SqlParameter("un", userName));
                    cmd.ExecuteNonQuery();
                }
            }
        }//end method IncreaseErrorTimes

        public void SetErrorTimesZero(string userName)
        {
            string conStr = @"Data Source =.; Initial Catalog = Mydb_1;User Id = sa;Password =;";

            using (SqlConnection conn = new SqlConnection(conStr))
            {
                conn.Open();
                using (SqlCommand cmd = conn.CreateCommand())
                {
                    cmd.CommandText = "update T_users set Errortimes = 0 where username = @un";
                    cmd.Parameters.Add(new SqlParameter("un",userName));
                    cmd.ExecuteNonQuery();
                }
            }//end sql

        }//end method SetErrorTimesZero

        private void btnLogin_Click(object sender, EventArgs e)
        {
            string conStr = @"Data Source = .;Initial Catalog = Mydb_1;User Id=sa;Password = ";

            using (SqlConnection conn = new SqlConnection(conStr))
            {
                conn.Open();
                using (SqlCommand cmd = conn.CreateCommand())
                {
                    cmd.CommandText = "select * from T_Users where username =@un";
                    cmd.Parameters.Add(new SqlParameter("un",txtUserName.Text));
                    using (SqlDataReader reader = cmd.ExecuteReader())
                    {
                        if (reader.Read())
                        {
                            string dbPassword = reader.GetString(reader.GetOrdinal("password"));
                            if (txtPassword.Text == dbPassword)
                            {
                                MessageBox.Show("登陆成功!");
                                SetErrorTimesZero(txtUserName.Text);
                            }
                            else
                            {
                                MessageBox.Show("密码错误");
                                IncreaseErrorTime(txtUserName.Text);
                            }
                        }
                        else
                        {
                            MessageBox.Show("用户名不存在!");
                        }
                    }
                }
            }//end SqlConnection
        }//end btnLogin_Click
    }
}
